Any business associates who receives your patient's Protected Health Information (PHI) is subject to all Health Insurance Portability and Accountability Act (HIPAA) regulations. Your billing service, telephone answering service, accounting firm and collection agency, to name a few, all must be HIPAA compliant.
This significant expansion of HIPAA is the result of the Health Information Technology for Economic and Clinical Health (HITECH) Act passed by the United States Congress in February 2009. The HITECH Act Security Rule requires reasonable assurance of the confidentiality, integrity and availability of Electronic Protected Health Information (ePHI) in three key elements:
Failure to comply with the HITECH and HIPAA regulations can cause severe financial penalties reaching up to $1.5 million for you and your practice.
If your office becomes aware of a HIPAA breach made by your business associate, you are required to take reasonable steps in correcting the violation. In the event that such steps are unsuccessful, then you must terminate your business associate agreement.
To avoid terminating contracts or securing other business associates, we highly recommend surveying your business associates' HIPAA compliance processes. Here are few examples of questions to ask:
As a telephone answering service serving hundreds of medical clients in many different states, we have developed strategies and skills which allow us to comply with HIPAA and to expertly serve our diverse clientele. Our commitment to training and education to better serve our clients has produced our Certified Medical Operator Program, a multitude of HIPAA related resources and offering easy-to-use, HIPAA complaint apps. Our hope is that you and your office can adopt some of these tools to make your life a bit less complicated and allow you a more uninterrupted leisure time.